Splunk Enterprise Vulnerability: Risky SPL Commands in Dashboard Examples Hub
CVE-2024-29946

8.1HIGH

Key Information:

Vendor: Splunk
Status: Splunk Enterprise; Splunk Cloud Platform
Vendor: CVE Published:; 27 March 2024

Badges

📰 News Worthy

What is CVE-2024-29946?

In Splunk Enterprise prior to version 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub contains a security vulnerability that allows unsafe SPL commands to be executed without proper safeguards. Attackers can exploit this vulnerability by tricking users into initiating specially crafted requests, leading to potential unauthorized actions that compromise system integrity. It's crucial for organizations using affected versions to apply necessary security measures to protect against such attacks.

Affected Version(s)

Splunk Cloud Platform - < 9.1.2312.104

Splunk Cloud Platform - < 9.1.2308.205

Splunk Enterprise 9.2 < 9.2.1

News Articles

CybersecurityNews

CVE-2024-29945 CVE-2024-29946

Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now

Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk to organizations utilizing Splunk Enterprise and Splunk Cloud Platform.

References

https://advisory.splunk.com/advisories/SVD-2024-0302

https://research.splunk.com/application/1cf58ae1-9177-40b...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by CybersecurityNews
Mar 29, 2024
Vulnerability published
Mar 27, 2024